HIPAA and XP, just a reminder

tmccormi wrote on Friday, December 12, 2014:

Anchorage Community Mental Health Services, Inc, has just been assessed a $150,000 penalty for a HIPAA data breach. The title of the OCR bulletin for the HIPAA settlement is telling: “HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software.” It seems that OCR wanted to communicate clearly that unpatched and unsupported software is a HIPAA violation.

If you’re a regular reader of EMR and HIPAA, then you might remember that we warned you that continued use of Windows XP would be a HIPAA violation since Windows stopped providing updates to it on April 8, 2014. Thankfully, it was one of our most read posts with ~35,000 people viewing it. However, I’m sure many others missed the post or didn’t listen. The above example is proof that using unsupported software will result in a HIPAA violation.

… many organizations don’t want to incur the cost of updating Windows XP or implementing a firewall. It turns out, it’s much cheaper to do these upgrades than to pay the HIPAA fines for non-compliance. Let alone the hit to your reputation.

See the whole article: Firewall & Windows XP HIPAA Penalties | Healthcare IT Today

–Tony

fsgl wrote on Saturday, December 13, 2014:

There had been a thread about switching to Linux Mint this past February. Hopefully all Forum members converted by now.

Another reason to be grateful for FOSS; not being held hostage by vendors of proprietary software, cited in Mike Semel’s article, who won’t cooperate.